authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:54:15 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:54:15 +0000
commitefb091f3a9dd65d11ef918c6407a82a03e2bfbc0 (patch)
treeb54637e5c49634fc0ba6fa9efe9a43ad47226ce9 /debian
parentuser.js: Setting default timespan to 'last hour' for manual clear. (diff)
user.js: Disabling resist fingerprinting.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian')
-rw-r--r--debian/local/pref/user.js114
1 files changed, 0 insertions, 114 deletions
diff --git a/debian/local/pref/user.js b/debian/local/pref/user.js
index 3c3b3b0861..899f5adb5e 100644
--- a/debian/local/pref/user.js
+++ b/debian/local/pref/user.js
@@ -53,7 +53,6 @@
2600: MISCELLANEOUS
2700: ETP (ENHANCED TRACKING PROTECTION)
2800: SHUTDOWN & SANITIZING
- 4500: RFP (RESIST FINGERPRINTING)
5000: OPTIONAL OPSEC
5500: OPTIONAL HARDENING
6000: DON'T TOUCH
@@ -630,119 +629,6 @@ user_pref("privacy.cpd.siteSettings", true);
* which will display a blank value, and are not guaranteed to work ***/
user_pref("privacy.sanitize.timeSpan", 1);
-/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING)
- RFP covers a wide range of ongoing fingerprinting solutions.
- It is an all-or-nothing buy in: you cannot pick and choose what parts you want
- [TEST] https://arkenfox.github.io/TZP/tzp.html
-
- [WARNING] DO NOT USE extensions to alter RFP protected metrics
-
- 418986 - limit window.screen & CSS media queries (FF41)
- 1281949 - spoof screen orientation (FF50)
- 1330890 - spoof timezone as UTC0 (FF55)
- 1360039 - spoof navigator.hardwareConcurrency as 2 (FF55)
- FF56
- 1369303 - spoof/disable performance API
- 1333651 - spoof User Agent & Navigator API
- version: android version spoofed as ESR
- OS: JS spoofed as Windows 10, OS 10.15, Android 10, or Linux | HTTP Headers spoofed as Windows or Android
- 1369319 - disable device sensor API
- 1369357 - disable site specific zoom
- 1337161 - hide gamepads from content
- 1372072 - spoof network information API as "unknown" when dom.netinfo.enabled = true
- 1333641 - reduce fingerprinting in WebSpeech API
- FF57
- 1369309 - spoof media statistics
- 1382499 - reduce screen co-ordinate fingerprinting in Touch API
- 1217290 & 1409677 - enable some fingerprinting resistance for WebGL
- 1382545 - reduce fingerprinting in Animation API
- 1354633 - limit MediaError.message to a whitelist
- FF58+
- 1372073 - spoof/block fingerprinting in MediaDevices API (FF59)
- Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone"
- Block: suppresses the ondevicechange event
- 1039069 - warn when language prefs are not set to "en*" (also see 0210, 0211) (FF59)
- 1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59)
- Spoofing mimics the content language of the document. Currently it only supports en-US.
- Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected.
- 1337157 - disable WebGL debug renderer info (FF60)
- 1459089 - disable OS locale in HTTP Accept-Language headers (ANDROID) (FF62)
- 1479239 - return "no-preference" with prefers-reduced-motion (FF63)
- 1363508 - spoof/suppress Pointer Events (FF64)
- 1492766 - spoof pointerEvent.pointerid (FF65)
- 1485266 - disable exposure of system colors to CSS or canvas (FF67)
- 1494034 - return "light" with prefers-color-scheme (FF67)
- 1564422 - spoof audioContext outputLatency (FF70)
- 1595823 - return audioContext sampleRate as 44100 (FF72)
- 1607316 - spoof pointer as coarse and hover as none (ANDROID) (FF74)
- 1621433 - randomize canvas (previously FF58+ returned an all-white canvas) (FF78)
- 1506364 - return "no-preference" with prefers-contrast (FF80)
- 1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80)
- 1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82)
- 531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1)
- 1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100)
- 1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102)
- 1422237 - return "srgb" with color-gamut (FF110)
- 1794628 - return "none" with inverted-colors (FF114)
-***/
-user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
-/* 4501: enable privacy.resistFingerprinting
- * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a site exception via the urlbar
- * RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme
- * [NOTE] pbmode applies if true and the original pref is false
- * [1] https://bugzilla.mozilla.org/418986 ***/
-user_pref("privacy.resistFingerprinting", true); // [FF41+]
- // user_pref("privacy.resistFingerprinting.pbmode", true); // [FF114+]
-/* 4502: set new window size rounding max values [FF55+]
- * [SETUP-CHROME] sizes round down in hundreds: width to 200s and height to 100s, to fit your screen
- * [1] https://bugzilla.mozilla.org/1330882 ***/
-user_pref("privacy.window.maxInnerWidth", 1600);
-user_pref("privacy.window.maxInnerHeight", 900);
-/* 4503: disable mozAddonManager Web API [FF57+]
- * [NOTE] To allow extensions to work on AMO, you also need 2662
- * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
-user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF FF57-108]
-/* 4504: enable RFP letterboxing [FF67+]
- * Dynamically resizes the inner window by applying margins in stepped ranges [2]
- * If you use the dimension pref, then it will only apply those resolutions.
- * The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000")
- * [SETUP-WEB] This is independent of RFP (4501). If you're not using RFP, or you are but
- * dislike the margins, then flip this pref, keeping in mind that it is effectively fingerprintable
- * [WARNING] DO NOT USE: the dimension pref is only meant for testing
- * [1] https://bugzilla.mozilla.org/1407366
- * [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/
-user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
- // user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF]
-/* 4505: experimental RFP [FF91+]
- * [WARNING] DO NOT USE unless testing, see [1] comment 12
- * [1] https://bugzilla.mozilla.org/1635603 ***/
- // user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid");
-/* 4506: set RFP's font visibility level (1402) [FF94+] ***/
- // user_pref("layout.css.font-visibility.resistFingerprinting", 1); // [DEFAULT: 1]
-/* 4510: disable using system colors
- * [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/
-user_pref("browser.display.use_system_colors", false); // [DEFAULT: false NON-WINDOWS]
-/* 4511: enforce non-native widget theme
- * Security: removes/reduces system API calls, e.g. win32k API [1]
- * Fingerprinting: provides a uniform look and feel across platforms [2]
- * [1] https://bugzilla.mozilla.org/1381938
- * [2] https://bugzilla.mozilla.org/1411425 ***/
-user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true]
-/* 4512: enforce links targeting new windows to open in a new tab instead
- * 1=most recent window or tab, 2=new window, 3=new tab
- * Stops malicious window sizes and some screen resolution leaks.
- * You can still right-click a link and open in a new window
- * [SETTING] General>Tabs>Open links in tabs instead of new windows
- * [TEST] https://arkenfox.github.io/TZP/tzp.html#screen
- * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881 ***/
-user_pref("browser.link.open_newwindow", 3); // [DEFAULT: 3]
-/* 4513: set all open window methods to abide by "browser.link.open_newwindow" (4512)
- * [1] https://searchfox.org/mozilla-central/source/dom/tests/browser/browser_test_new_window_from_content.js ***/
-user_pref("browser.link.open_newwindow.restriction", 0);
-/* 4520: disable WebGL (Web Graphics Library)
- * [SETUP-WEB] If you need it then override it. RFP still randomizes canvas for naive scripts ***/
-user_pref("webgl.disabled", true);
-
/*** [SECTION 5000]: OPTIONAL OPSEC
Disk avoidance, application data isolation, eyeballs...
***/
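Review bot: This hunk removes more than the commit title's "resist fingerprinting": `user_pref("webgl.disabled", true);` (4520) and `user_pref("browser.link.open_newwindow.restriction", 0);` (4513) are separate prefs, and the removed comment on 4504 itself says letterboxing "is independent of RFP (4501)". With those lines gone, WebGL and the new-window restriction fall back to the browser defaults, and the removed 4512 text ties that group to "malicious window sizes and some screen resolution leaks". If only RFP is meant to be switched off, I would remove 4501–4506 and keep the rest under another section, e.g. retain `user_pref("webgl.disabled", true);`; otherwise the commit message should say the whole 4500 section is dropped. Depending on how this file is deployed, it is also worth confirming that existing profiles do not keep `privacy.resistFingerprinting` set, since deleting a `user_pref` line does not by itself reset a value already stored in a profile.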